200 word response 1 reference/intext citation Due 5/16/2024
Jackson
The Sarbanes-Oxley Act, or Sox, is a United States law “to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies” (Fruhlinger, 2020). Specifically, the section of the SOX compliance law that requires proper controls and integrity of financial record-keeping within a IT infrastructure is section 404. According to Sarbanes Oxley, section 404 is the most contentious and costly to apply of all the Sarbanes Oxley Act requirements. An Internal Control Report, which declares that management is in charge of maintaining a “adequate” internal control system, and an evaluation of the control structure’s efficacy by management are mandatory components of all annual financial reports. The guidelines in section 404 outline information for companies, such as documenting all internal company control processes related to financial reporting. The procedures put in place to protect the accuracy of financial information are described in depth. Senior management of the company must also evaluate the how sufficient the controls are in preventing errors during financial reporting. Furthermore, testing is necessary to make sure the controls are performing as intended, according to management. Management is in charge of taking corrective action to tighten controls and reduce risks to financial reporting if any flaws or vulnerabilities are found.